After learning what is a DMARC policy, let’s understand what it does. A DMARC policy essentially enables a domain owner to specify what to do in case an email fails both SPF and DKIM checks (i.e. whether to quarantine or reject it). The DMARC DNS record also specifies how the recipient can report back to the domain owner, in case an email fails authentication.
However, while opting for DMARC implementation, it is important to ensure that the DMARC policy is enforced to either quarantine or reject. Though none policy is the starting point to monitor your email flow, it doesn’t facilitate the implementation of DMARC enforcement at your organization, as it doesn’t enforce action on the emails that fail DMARC authentication, hence, it is still delivered into the recipient’s inbox. Hence, in order to avoid such a situation, a quarantine or reject policy can prevent a wide range of email security breaches.